Submitted URL: http://buildingrepair.ru/stroitelnie-zametki.html
Effective URL: http://1newss.com/
Submission: On August 26 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 13 domains to perform 26 HTTP transactions. The main IP is 75.2.81.221, located in the United States, and belongs to AMAZON-02, US. The main domain is 1newss.com.
This is the only time 1newss.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.101.153.192 198610 (BEGET-AS)
10 2a00:1450:400... 15169 (GOOGLE)
1 91.228.155.204 44066 (DE-FIRSTC...)
4 185.18.52.110 49981 (WORLDSTREAM)
1 212.224.112.73 44066 (DE-FIRSTC...)
4 75.2.81.221 16509 (AMAZON-02)
1 185.53.178.30 61969 (TEAMINTER...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 10
Domain Requested by
10 www.google.com 1newss.com, www.google.com
4 1newss.com www.google.com, 1newss.com
2 afs.googleusercontent.com www.google.com
1 partner.googleadservices.com www.google.com
1 d38psrni17bvxu.cloudfront.net 1newss.com
1 c.parkingcrew.net 1newss.com
1 domokvar.ru www.google.com
1 everbestnews.com www.google.com
1 domfenshuy.net www.google.com
1 domstroi.info www.google.com
1 pervenec.com www.google.com
1 teplica-parnik.net www.google.com
1 buildingrepair.ru
26 13

This site contains links to these domains.

Domain
ahnames.com
Subject Issuer Validity Valid
www.google.com GTS CA 1C3 2023-08-07 - 2023-10-30 3 months
*.google.com GTS CA 1C3 2023-08-07 - 2023-10-30 3 months
*.googleadservices.com GTS CA 1C3 2023-08-07 - 2023-10-30 3 months
*.googleusercontent.com GTS CA 1C3 2023-08-07 - 2023-10-30 3 months

This page contains 2 frames:

Primary Page: http://1newss.com/
Frame ID: 25BADD335294081D7673CCF46CCCEC16
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2F1newss.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGVhNGU5ODM3MDhifHx8MTY5MzA3NzE0NC4yMzczfDdiOTRlNTZiYTBjYWIxNTRiZTEyM2I0YTc4MDc2NGUxYTUzMmMzMmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDQwN2Q1NGVhZTczYTc4N2ZlMWJlNGM3YzJmMjdhYzdjMGNhNzZjMzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2477992239354928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3%7Cs&nocache=7501693077144524&num=0&output=afd_ads&domain_name=1newss.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1693077144524&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=558871696&uio=--&cont=tc&jsid=caf&jsv=558871696&rurl=http%3A%2F%2F1newss.com%2F&referer=https%3A%2F%2Fwww.google.com%2F&adbw=master-1%3A530
Frame ID: 182C19AE89AF3715DB24D0EEC8606EA2
Requests: 4 HTTP requests in this frame

Page Title

1newss.com

Page Statistics

26
Requests

46 %
HTTPS

40 %
IPv6

13
Domains

13
Subdomains

10
IPs

4
Countries

144 kB
Transfer

352 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buildingrepair.ru/stroitelnie-zametki.html Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwjrquH7u8fnAhWe4XMBHZGfC_MQFjAAegQIARAB&url=http%3A%2F%2Fteplica-parnik.net%2Fo-proekte.html&usg=AOvVaw3_iuNX_dzt8TaN6aH6Yp2y Page URL
  3. http://teplica-parnik.net/o-proekte.html Page URL
  4. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjoupON-67rAhUol4sKHadHClIQFjAAegQIARAB&url=http%3A%2F%2Fpervenec.com%2Fpravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti&usg=AOvVaw1bcMzrDwWhKo5ND12c_q_B Page URL
  5. http://pervenec.com/pravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti Page URL
  6. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjBk9Hr-67rAhVLrosKHTT5ApMQFjAAegQIARAB&url=http%3A%2F%2Fdomstroi.info%2Fo-proekte.html&usg=AOvVaw0u-L3KewIq75HUOwPz7w4m Page URL
  7. http://domstroi.info/o-proekte.html Page URL
  8. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjlqfK4_67rAhXtpIsKHRDABcEQFjAAegQIARAB&url=http%3A%2F%2Fdomfenshuy.net%2Flestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti&usg=AOvVaw0EYPhxnJmCNvga9xxXxN7Q Page URL
  9. http://domfenshuy.net/lestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti Page URL
  10. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwii7-KYgK_rAhWVAhAIHdBkD8oQFjAAegQIARAB&url=http%3A%2F%2Feverbestnews.com%2Fchto-takoe-bezindikatornye-strategii-foreks-princip-raboty&usg=AOvVaw3bZJ7ew2fwy2ghn-JzOhqe Page URL
  11. http://everbestnews.com/chto-takoe-bezindikatornye-strategii-foreks-princip-raboty Page URL
  12. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiY-M35hK_rAhVwoosKHVPOB4oQFjAAegQIARAB&url=http%3A%2F%2Fdomokvar.ru%2Fo-sayte&usg=AOvVaw1EPjhS9hrKZNGyHzxZ4mZT Page URL
  13. http://domokvar.ru/o-sayte Page URL
  14. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwiTmP7Jr7roAhXET30KHU6QBegQFjAAegQIARAB&url=http%3A%2F%2F1newss.com%2F&usg=AOvVaw1YiFvXnjgfjwsSVzEl3wzl Page URL
  15. http://1newss.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://www.google.com/adsense/domains/caf.js?abp=1 HTTP 307
  • https://www.google.com/adsense/domains/caf.js?abp=1

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
stroitelnie-zametki.html
buildingrepair.ru/
387 B
643 B
Document
General
Full URL
http://buildingrepair.ru/stroitelnie-zametki.html
Protocol
HTTP/1.1
Server
5.101.153.192 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.snorlax.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
80a141321be6d05f2d0c6a2d7774733c2ab40c8d32ce330868693822b898798a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 26 Aug 2023 19:12:22 GMT
ETag
W/"183-603949260d45d"
Keep-Alive
timeout=30
Last-Modified
Wed, 23 Aug 2023 10:28:26 GMT
Server
nginx-reuseport/1.21.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
url
www.google.com/
1 KB
2 KB
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwjrquH7u8fnAhWe4XMBHZGfC_MQFjAAegQIARAB&url=http%3A%2F%2Fteplica-parnik.net%2Fo-proekte.html&usg=AOvVaw3_iuNX_dzt8TaN6aH6Yp2y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-BTKDKzKg4xykvn3gLNpzww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://buildingrepair.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
565
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-BTKDKzKg4xykvn3gLNpzww' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
o-proekte.html
teplica-parnik.net/
418 B
689 B
Document
General
Full URL
http://teplica-parnik.net/o-proekte.html
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwjrquH7u8fnAhWe4XMBHZGfC_MQFjAAegQIARAB&url=http%3A%2F%2Fteplica-parnik.net%2Fo-proekte.html&usg=AOvVaw3_iuNX_dzt8TaN6aH6Yp2y
Protocol
HTTP/1.1
Server
91.228.155.204 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde14-1.fornex.org
Software
nginx /
Resource Hash
07e05d3ba3c6fd4b3f4546b18a2c3672eccd8f18b2d22114cd58918672c3930a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
418
Content-Type
text/html
Date
Sat, 26 Aug 2023 19:12:22 GMT
Last-Modified
Sat, 22 Aug 2020 13:57:03 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/
1 KB
828 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjoupON-67rAhUol4sKHadHClIQFjAAegQIARAB&url=http%3A%2F%2Fpervenec.com%2Fpravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti&usg=AOvVaw1bcMzrDwWhKo5ND12c_q_B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-05Ct3PiYzOTYxU_-J-Skjw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://teplica-parnik.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
591
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-05Ct3PiYzOTYxU_-J-Skjw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
pravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti
pervenec.com/
381 B
627 B
Document
General
Full URL
http://pervenec.com/pravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjoupON-67rAhUol4sKHadHClIQFjAAegQIARAB&url=http%3A%2F%2Fpervenec.com%2Fpravila-letnego-otdyxa-s-rebenkom-idei-i-osobennosti&usg=AOvVaw1bcMzrDwWhKo5ND12c_q_B
Protocol
HTTP/1.1
Server
185.18.52.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
hostnl1-1.fornex.org
Software
nginx /
Resource Hash
3657f88a155f6f44fa64dc38a045427d578e28a98e19dee1f74af2462643deef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
381
Date
Sat, 26 Aug 2023 19:12:22 GMT
Last-Modified
Sat, 22 Aug 2020 13:59:32 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/
1 KB
593 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjBk9Hr-67rAhVLrosKHTT5ApMQFjAAegQIARAB&url=http%3A%2F%2Fdomstroi.info%2Fo-proekte.html&usg=AOvVaw0u-L3KewIq75HUOwPz7w4m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-fCKdCgVEPaVjvPZxWyrPSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://pervenec.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
562
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-fCKdCgVEPaVjvPZxWyrPSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
o-proekte.html
domstroi.info/
422 B
631 B
Document
General
Full URL
http://domstroi.info/o-proekte.html
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjBk9Hr-67rAhVLrosKHTT5ApMQFjAAegQIARAB&url=http%3A%2F%2Fdomstroi.info%2Fo-proekte.html&usg=AOvVaw0u-L3KewIq75HUOwPz7w4m
Protocol
HTTP/1.1
Server
185.18.52.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
hostnl1-1.fornex.org
Software
nginx /
Resource Hash

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
422
Content-Type
text/html
Date
Sat, 26 Aug 2023 19:12:22 GMT
Last-Modified
Sun, 17 Jan 2021 21:31:16 GMT
Server
nginx
url
www.google.com/
1 KB
622 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjlqfK4_67rAhXtpIsKHRDABcEQFjAAegQIARAB&url=http%3A%2F%2Fdomfenshuy.net%2Flestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti&usg=AOvVaw0EYPhxnJmCNvga9xxXxN7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-nbBtZ1oBcoOZ9GjtGdKWmQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://domstroi.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
591
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-nbBtZ1oBcoOZ9GjtGdKWmQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
lestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti
domfenshuy.net/
428 B
674 B
Document
General
Full URL
http://domfenshuy.net/lestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjlqfK4_67rAhXtpIsKHRDABcEQFjAAegQIARAB&url=http%3A%2F%2Fdomfenshuy.net%2Flestnicy-v-zagorodnyx-domax-konstrukciya-i-osobennosti&usg=AOvVaw0EYPhxnJmCNvga9xxXxN7Q
Protocol
HTTP/1.1
Server
185.18.52.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
hostnl1-1.fornex.org
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
428
Date
Sat, 26 Aug 2023 19:12:23 GMT
Last-Modified
Sat, 22 Aug 2020 14:18:12 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/
1 KB
626 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwii7-KYgK_rAhWVAhAIHdBkD8oQFjAAegQIARAB&url=http%3A%2F%2Feverbestnews.com%2Fchto-takoe-bezindikatornye-strategii-foreks-princip-raboty&usg=AOvVaw3bZJ7ew2fwy2ghn-JzOhqe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-JLJ0u49e8n8VJ8yitjYq8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://domfenshuy.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
595
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-JLJ0u49e8n8VJ8yitjYq8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
chto-takoe-bezindikatornye-strategii-foreks-princip-raboty
everbestnews.com/
372 B
618 B
Document
General
Full URL
http://everbestnews.com/chto-takoe-bezindikatornye-strategii-foreks-princip-raboty
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwii7-KYgK_rAhWVAhAIHdBkD8oQFjAAegQIARAB&url=http%3A%2F%2Feverbestnews.com%2Fchto-takoe-bezindikatornye-strategii-foreks-princip-raboty&usg=AOvVaw3bZJ7ew2fwy2ghn-JzOhqe
Protocol
HTTP/1.1
Server
212.224.112.73 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
hostde27.fornex.host
Software
nginx /
Resource Hash
7346b9ea07ae6bff539e5e4e9a3e7b15d08ac9c0ec6a4cb9805e0acf01546cb2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
372
Date
Sat, 26 Aug 2023 19:12:23 GMT
Last-Modified
Sat, 22 Aug 2020 14:38:58 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/
1 KB
590 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiY-M35hK_rAhVwoosKHVPOB4oQFjAAegQIARAB&url=http%3A%2F%2Fdomokvar.ru%2Fo-sayte&usg=AOvVaw1EPjhS9hrKZNGyHzxZ4mZT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-IVsqsuyoU_w4HxW4vzD95Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://everbestnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
559
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-IVsqsuyoU_w4HxW4vzD95Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
o-sayte
domokvar.ru/
365 B
611 B
Document
General
Full URL
http://domokvar.ru/o-sayte
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiY-M35hK_rAhVwoosKHVPOB4oQFjAAegQIARAB&url=http%3A%2F%2Fdomokvar.ru%2Fo-sayte&usg=AOvVaw1EPjhS9hrKZNGyHzxZ4mZT
Protocol
HTTP/1.1
Server
185.18.52.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
hostnl1-1.fornex.org
Software
nginx /
Resource Hash
a73b2b5a77649250802a991e88fe86cd770b4dc7b4131afc71967897375ca8f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
365
Date
Sat, 26 Aug 2023 19:12:23 GMT
Last-Modified
Sat, 01 Jul 2023 05:53:28 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/
1 KB
580 B
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwiTmP7Jr7roAhXET30KHU6QBegQFjAAegQIARAB&url=http%3A%2F%2F1newss.com%2F&usg=AOvVaw1YiFvXnjgfjwsSVzEl3wzl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-c7TLLRn43qA-8Og1vG_Vhg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://domokvar.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
549
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-c7TLLRn43qA-8Og1vG_Vhg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 19:12:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request /
1newss.com/
17 KB
7 KB
Document
General
Full URL
http://1newss.com/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=2ahUKEwiTmP7Jr7roAhXET30KHU6QBegQFjAAegQIARAB&url=http%3A%2F%2F1newss.com%2F&usg=AOvVaw1YiFvXnjgfjwsSVzEl3wzl
Protocol
HTTP/1.1
Server
75.2.81.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
06aea5e36686389e35ba9e2a78c96eaa2b352fe1bf1659a1165de9e221891588

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Aug 2023 19:12:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_UAmkqk1msrGs1QHkfgQkI8JpYBVfb2NBTWtI6bdWQqaVCWhWpe6rrPbH9ZtUThXbaPSwqEWHEmrB+1wwDPLtgA==
X-Buckets
bucket003
X-Domain
1newss.com
X-Language
german
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
caf.js
www.google.com/adsense/domains/
Redirect Chain
  • http://www.google.com/adsense/domains/caf.js?abp=1
  • https://www.google.com/adsense/domains/caf.js?abp=1
148 KB
54 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
H3
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
930f53356b254caa72d7ed0b231ff2c27b51d9c43f60b9ad73b07970bac208ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"17139747318219393144"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 26 Aug 2023 19:12:24 GMT

Redirect headers

Location
https://www.google.com/adsense/domains/caf.js?abp=1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
sale_form.js
c.parkingcrew.net/scripts/
761 B
1005 B
Script
General
Full URL
http://c.parkingcrew.net/scripts/sale_form.js
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
HTTP/1.1
Server
185.53.178.30 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sat, 26 Aug 2023 19:12:24 GMT
Last-Modified
Tue, 12 May 2020 14:25:52 GMT
Server
nginx
ETag
"5ebab1f0-2f9"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
761
track.php
1newss.com/
0
608 B
XHR
General
Full URL
http://1newss.com/track.php?domain=1newss.com&toggle=browserjs&uid=MTY5MzA3NzE0NC4yMjU1OjZmODMwYzM2Mjg4OWU3NWZhNzIyZGIwZjMxOTFkNWU0YjE0ODk5ZDgwZjg2OTMwODJmYzViMWFkMDhiZGY2MTM6NjRlYTRlOTgzNzBiMg%3D%3D
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
HTTP/1.1
Server
75.2.81.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sat, 26 Aug 2023 19:12:24 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/
11 KB
12 KB
Image
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
HTTP/1.1
Server
2600:9000:2250:1000:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sat, 26 Aug 2023 17:25:24 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
6420
ETag
"62b4441b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
vUCesYl3pJD6va6ZSFe0CJZnMr6DcUURYiZ8D3NOIee8znBB6ZJ0BQ==
ls.php
1newss.com/
16 B
906 B
XHR
General
Full URL
http://1newss.com/ls.php?t=64ea4e98&token=407d54eae73a787fe1be4c7c2f27ac7c0ca76c38
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
HTTP/1.1
Server
75.2.81.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sat, 26 Aug 2023 19:12:24 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_pQJ9q62YKvrTBy3uJJ/ILojOq/OnVXh7/PGTunSPp8piRZwn3QnEtwQrmMaYBNDnl2CylcRnbZ/ZtPMRxcsfmQ==
Connection
keep-alive
X-Log-Success
64ea4e98ad02f80c1d09d485
cookie.js
partner.googleadservices.com/gampad/
374 B
592 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=1newss.com&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
228e3bb61b5cab6d8039a596e04c470a9c23861e8398979a47276d3990bd1b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
x-xss-protection
0
ads
www.google.com/afs/ Frame 182C
16 KB
3 KB
Document
General
Full URL
https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2F1newss.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGVhNGU5ODM3MDhifHx8MTY5MzA3NzE0NC4yMzczfDdiOTRlNTZiYTBjYWIxNTRiZTEyM2I0YTc4MDc2NGUxYTUzMmMzMmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDQwN2Q1NGVhZTczYTc4N2ZlMWJlNGM3YzJmMjdhYzdjMGNhNzZjMzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2477992239354928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3%7Cs&nocache=7501693077144524&num=0&output=afd_ads&domain_name=1newss.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1693077144524&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=558871696&uio=--&cont=tc&jsid=caf&jsv=558871696&rurl=http%3A%2F%2F1newss.com%2F&referer=https%3A%2F%2Fwww.google.com%2F&adbw=master-1%3A530
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
baa0c37bc1ae33aca6132e1e37ce03852467248fd709d5769e33ce4e1268ac83
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-q5hd90jPlgGjmVyrqnZIFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://1newss.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
3447
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-q5hd90jPlgGjmVyrqnZIFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 26 Aug 2023 19:12:24 GMT
expires
Sat, 26 Aug 2023 19:12:24 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 182C
391 B
384 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2F1newss.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGVhNGU5ODM3MDhifHx8MTY5MzA3NzE0NC4yMzczfDdiOTRlNTZiYTBjYWIxNTRiZTEyM2I0YTc4MDc2NGUxYTUzMmMzMmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDQwN2Q1NGVhZTczYTc4N2ZlMWJlNGM3YzJmMjdhYzdjMGNhNzZjMzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2477992239354928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3%7Cs&nocache=7501693077144524&num=0&output=afd_ads&domain_name=1newss.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1693077144524&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=558871696&uio=--&cont=tc&jsid=caf&jsv=558871696&rurl=http%3A%2F%2F1newss.com%2F&referer=https%3A%2F%2Fwww.google.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 16:03:27 GMT
age
11340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 27 Aug 2023 15:03:27 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 182C
200 B
701 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2F1newss.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGVhNGU5ODM3MDhifHx8MTY5MzA3NzE0NC4yMzczfDdiOTRlNTZiYTBjYWIxNTRiZTEyM2I0YTc4MDc2NGUxYTUzMmMzMmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDQwN2Q1NGVhZTczYTc4N2ZlMWJlNGM3YzJmMjdhYzdjMGNhNzZjMzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2477992239354928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3%7Cs&nocache=7501693077144524&num=0&output=afd_ads&domain_name=1newss.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1693077144524&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=558871696&uio=--&cont=tc&jsid=caf&jsv=558871696&rurl=http%3A%2F%2F1newss.com%2F&referer=https%3A%2F%2Fwww.google.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 14:59:33 GMT
age
15174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Sun, 27 Aug 2023 13:59:33 GMT
caf.js
www.google.com/adsense/domains/ Frame 182C
148 KB
54 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=de&rpbu=http%3A%2F%2F1newss.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMDN8fHx8fHw2NGVhNGU5ODM3MDhifHx8MTY5MzA3NzE0NC4yMzczfDdiOTRlNTZiYTBjYWIxNTRiZTEyM2I0YTc4MDc2NGUxYTUzMmMzMmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fFpIQXRkR1ZoYldsdWRHVnlibVYwTURSZk0zQm98ZDgyZjM2MWZiZjFhMmNkYjk1Y2Y3NmRjNjczMTAzZDYzZWVlNTdiZHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDQwN2Q1NGVhZTczYTc4N2ZlMWJlNGM3YzJmMjdhYzdjMGNhNzZjMzh8MHxkcC10ZWFtaW50ZXJuZXQwNF8zcGh8MHwwfA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2477992239354928&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301293%2C17301321%2C17301323&format=r3%7Cs&nocache=7501693077144524&num=0&output=afd_ads&domain_name=1newss.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1693077144524&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=789&frm=0&cl=558871696&uio=--&cont=tc&jsid=caf&jsv=558871696&rurl=http%3A%2F%2F1newss.com%2F&referer=https%3A%2F%2Fwww.google.com%2F&adbw=master-1%3A530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
791ee18fe11478752f711f6ce75eb9961ada1925b9407752579219437c3e23b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"332481126762473136"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 26 Aug 2023 19:12:27 GMT
track.php
1newss.com/
0
610 B
XHR
General
Full URL
http://1newss.com/track.php?domain=1newss.com&caf=1&toggle=answercheck&answer=yes&uid=MTY5MzA3NzE0NC4yMjU1OjZmODMwYzM2Mjg4OWU3NWZhNzIyZGIwZjMxOTFkNWU0YjE0ODk5ZDgwZjg2OTMwODJmYzViMWFkMDhiZGY2MTM6NjRlYTRlOTgzNzBiMg%3D%3D
Requested by
Host: 1newss.com
URL: http://1newss.com/
Protocol
HTTP/1.1
Server
75.2.81.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1newss.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sat, 26 Aug 2023 19:12:27 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
answercheck
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive


34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
number | googleNDT_
number | googleAltLoader
object | google
function | tlink
object | tcblock
object | searchboxBlock
boolean | isAdult
object | containerNames
string | uniqueTrackingID
string | search
string | themedata
string | domain
string | scriptPath
string | adtest
boolean | pageLoadedCallbackTriggered
boolean | fallbackTriggered
boolean | formerCalledArguments
object | pageOptions
function | x
function | getXMLhttp
function | ajaxQuery
function | ajaxBackfill
number | waitTime
number | timeout
number | waitStep
function | listenFor1TierResponse
object | xmlHttp
function | loadFeed
function | relatedCallback
function | relatedFallback
function | ls
function | __sasCookie
number | experimentId_

3 Cookies

Domain/Path Name / Value
.google.com/ Name: __Secure-ENID
Value: 14.SE=hTbuqICqQ-bCvlVuQbJ_CJzerx58zq1xxVlk6UR7nNEI3hFdnlyrmcBt3tiUs7UTojc2jcz75ejpSuZHmSmQVKjp0RXyWNl-iq4Pf4XzHDf_UqfY5f1Lm0oVJVhY71pFvuid5qgNEEkYey9i5mTPUtOJaUe778DEP0BXjd6GAqA
.google.com/ Name: CONSENT
Value: PENDING+234
.1newss.com/ Name: __gsas
Value: ID=01d04bfe3f35480a:T=1693077144:RT=1693077144:S=ALNI_MaMxiZnYW3EuEyCUWZy3mqrTzqiJg

8 Console Messages

Source Level URL
Text
security warning (logged 7 times)
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
other warning URL: http://www.google.com/adsense/domains/caf.js?abp=1 (Line 219)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
